FS.com - Data Center , Enterprise & ISP Technology SolutionFS.com - HPC, Data Center, Enterprise, Telecom
User Guide for FS models including: S3150-8T2FP, S3260-8T2FP, S3260-16T4FP, S3400-24T4FP, S3400-48T4SP, S3150-8T2FP PoE Series Switches, S3150-8T2FP, PoE Series Switches, Switches
File Info : application/pdf, 4 Pages, 435.61KB
DocumentDocumentPoE+ Series Switches MAC Access-List Configuration Guide
Models: S3150-8T2FP S3260-8T2FP S3260-16T4FP S3400-24T4FP S3400-48T4SP
POE+ SERIES SWITCHES MAC ACCESS-LIST CONFIGURATION GUIDE
Contents
1. MAC Access-List Configuration...................................................................................................................................................................... 1 1.1 Create MAC Access-List.................................................................................................................................................................................1 1.2 Configuring Items of MAC Access-List..........................................................................................................................................................1 1.3 Applying MAC Access-List.............................................................................................................................................................................2
www.fs.com
POE+ SERIES SWITCHES MAC ACCESS-LIST CONFIGURATION GUIDE
1. MAC Access-List Configuration
Access-list configuration includes:
·
Create MAC access-List
·
Configuring Items of MAC Access-List
·
Applying MAC Access-List
1.1 Create MAC Access-List
A MAC access-list must be created first before applying it on the port. When a MAC access-list has been created, it enters MAC access-list configuration mode, under which items of MAC access-list can be configured. Enter privilege mode and use the following steps to add or delete a MAC access-list.
Command config
[no] mac access-list name
Purpose Enters the global configuration mode.
To add or cancel a MAC access list, run the following command.
name stands for the name of the MAC access list.
1.2 Configuring Items of MAC Access-List
In MAC access-list configuration mode, specify to permit or deny any source MAC address or a specific host source MAC address and any destination MAC address. The same items can be configured in a MAC access list only once. Enter MAC access list configuration mode and use the following steps to set MAC access list entry.
Command
Purpose
[no] {permit | deny} {any | host src-mac-addr | src-mac-addr srcmac-mask } {any | host dst-mac-addr | dst-mac-addr dst-macmask}[ arp [{any | src-ip-addr} {any | dst-ip-addr }] | ethertype]
To add/delete aMAC access list entry, run the previous command.
You can repeat this command to add/delete multiple MAC access list entry.
any means match with any MAC address; src-mac-addr stands for source MAC address;
src-mac-mask stands for source mac mask; dst-mac-addr stands for destination MAC address;
dst-mac-mask stands for destination mac mask; arp stands for matched arp packet;
src-ip-addr stands for source ip address stands for source ip address
dst-ip-addr stands for the destination ip address ethertype stands for type of the matched Ethernet packet
exit exit write
Log out from the MAC list configuration mode and enter the global configuration mode again.
Goes back to the EXEC mode. Saves the settings.
MAC list configuration example Switch_config#mac access-list 1 Switch-config-macl#permit host 1.1.1 any Switch-config-macl#permit host 2.2.2 any The above configuration is to compare the source MAC address, so the mask is the same. The configuration is successful.
www.fs.com
1
POE+ SERIES SWITCHES MAC ACCESS-LIST CONFIGURATION GUIDE
1.3 Applying MAC Access-List
The created MAC list can be applied on any physical port. Only one MAC list can be applied to a port. The same MAC list can be applied to multiple ports.Enter the privilege mode and perform the following operation to configure the MAC list.
Enter the privilege mode and perform the following operation to configure the MAC list.
Command
Purpose
config
Enters the global configuration mode.
interface g0/1
Enters the to-be-configured port.
[no] mac access-group name [vlan {word | add word | remove word}]
Apply the created MAC list to the port or delete the applied MAC list from the port.name
means the name of the MAC list. NameMAC: Name of the MAC access list Vlan THE ACCESS LIST IS APPLIED IN INGRESS.
WordVLAN RANGE TABLE AddADD VLAN RANGE TABLE Remove Delete vlan range table
exit
Goes back to the global configuration mode.
exit
Goes back to the EXEC mode.
write
Saves the settings.
www.fs.com
2